cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
932
Views
0
Helpful
0
Comments
pkhilola
Cisco Employee
Cisco Employee

Goal
To configure AppQoE TCP and DRE optimization feature on Catalyst 8000 Edge platform family with IOS XE SD-WAN for enhanced Application Quality of Experience.

Benefits

  • Integrated solution with Cisco SD-WAN
  • Improves Application Quality of Experience
  • Reduced redundant data over WAN
  • Addresses high latency and high bandwidth usage issues
  • Easy workflow configuration from vManage

Prerequisites:

Documentation
This configuration example is meant to be interpreted with the aid of the official documentation from the configuration guide located here:
TCP Optimization - Cisco SD-WAN AppQoE Configuration Guide, Cisco IOS XE Release 17.x - TCP Optimization [Cisco SD-WAN] - Cisco
External Service Nodes Configuration - Cisco SD-WAN AppQoE Configuration Guide, Cisco IOS XE Release 17.x - External Service Nodes for AppQoE Services [Cisco SD-WAN] - Cisco
DRE Configuration - Cisco SD-WAN AppQoE Configuration Guide, Cisco IOS XE Release 17.x - Traffic Optimization with DRE [Cisco SD-WAN] - Cisco
HTTP Connect - Cisco SD-WAN AppQoE Configuration Guide, Cisco IOS XE Release 17.x - HTTP Connect [Cisco SD-WAN] - Cisco

Supported Platforms:

pkhilola_0-1663149155196.png

Note: 
Platforms requirs specific resources CPU/RAM/Disk to support AppQoE.
Please check this link for more details - Cisco SD-WAN AppQoE Configuration Guide, Cisco IOS XE Release 17.x - Traffic Optimization with DRE [Cisco SD-WAN] - Cisco


Topology
Below topology will be used for the step-by-step configuration example. This uses an integrated service node deployment use case for both the SD-WAN WAN edge devices. 

pkhilola_0-1662986497163.png


Step-by-Step Configuration

1. Create AppQoE Feature Templates for TCP and DRE Optimization

1.1 Create an AppQoE feature template for C8200-1N-4T

1.1.1 From the Cisco vManage menu, navigate to Configuration >Templates

pkhilola_0-1662986829175.png

1.1.2 Click Feature

1.1.3 Select Add Template

pkhilola_0-1663128747723.jpeg

1.1.4 In the search bar enter the PID C8200-1N-4T

1.1.5 Select C8200-1N-4T

pkhilola_2-1662986960418.png

1.1.6 On the right-hand side of the page, scroll down to the subsection Other Templates, select AppQoE 

pkhilola_3-1662987036772.png

 1.1.7 Enter the following details:
Template Name: C8200-AppQoE-Template
Description: C8200-AppQoE-Template

1.1.8 Within the Controller heading, click on the checkbox to Enable the Integrated Service Node option

1.1.9 Enable DRE optimization by clicking on the toggle switch

1.1.10 Click Save at the bottom of the page

pkhilola_0-1663139072786.jpegpkhilola_1-1663139094423.jpeg

 

Note: Integrated Service Node deployment refers to a deployment where both Service Controller and Service Node functions are deployed on the same WAN edge. As an integrated service node deployment, vManage automatically assigns IP addresses to the router’s controller and service node making each function locally significant.

 1.1.11 Once the template page loads, search for AppQoE in the search bar and verify that the template for the
C8200-1N-4T is present

pkhilola_2-1663139310885.jpeg

 


1.2 Repeat the steps from 1.1.1 to 1.1.11 to create the AppQoE Feature Template for C8300-2N2S-4T2X

2. Attaching AppQoE Feature Template to Device

2.1 Follow the below steps to attach AppQoE template to C8200-1N-4T

 2.1.1 From the Cisco vManage menu, choose Configuration > Templates

pkhilola_6-1662987428145.png

2.1.2 At the top of the page, click Device

2.1.3 From the device template page, search C8200-1N-4T in the search box. Using the actions button on the left-hand side click Edit.

pkhilola_3-1663139458256.jpeg

 


2.1.4 Select the heading Additional Templates. Scroll down and under the AppQoE drop-down list, choose the newly created AppQoE template for C8200-1N-4T [C8200-AppQoE-Template]

 2.1.5 Click Update

pkhilola_4-1663139641648.jpeg
 
 
pkhilola_5-1663139656325.jpeg

 


2.1.6 Click Next

pkhilola_9-1662987603380.png

2.1.7 Click Configure Devices

pkhilola_10-1662987656926.png

After some time, you will see a validation message stating that the device template has successfully been attached to the C8200-1N-4T. This step will download the DRE container image to the device and install it, so it might take few minutes to complete. If the DRE container image is not uploaded to vManage software repository then this step will fail. 

 

pkhilola_11-1662987723519.png

2.2 Repeat the steps from 2.1.1 to 2.1.7 to attach AppQoE template to C8300-2N2S-4T2X

3. Configure Traffic Interception Rules for AppQoE

Centralized policies refer to policies that are provisioned on Cisco vSmart Controllers, which are the centralized controllers in the Cisco SD-WAN overlay network. A centralized control policy applies to the network-wide routing of traffic by affecting the information that is stored in the Cisco vSmart Controller's route table and that is advertised to the Cisco SD-WAN Edge devices.

3.1 Define sequence rule for Ubuntu host connected to C8200-1N-4T

3.1.1 From the Cisco vManage menu, navigate to Configuration > Policies

pkhilola_0-1662987988801.png

3.1.2 From the top right, select the Custom Options drop down menu and select Traffic Policy

pkhilola_1-1662988053558.png

3.1.3 Click the heading Traffic Data

3.1.4 Click Add Policy drop-down, Select Create New

pkhilola_2-1662988106835.png

3.1.5 Define the data policy that will be pushed to both the C8200-1N-4T and C8300-2N2S-4T2X-01 routers. Enter the following details:
Name: AppQoE-Policy
Description: AppQoE-Policy 

 3.1.6 On the left pane, click Sequence Type. The Add Data Policy popup opens

pkhilola_3-1662988188179.png

3.1.7 Select the Custom option for the data policy

pkhilola_4-1662988228341.png

3.1.8 Define sequence rule for Ubuntu host connected to C8200-1N-4T

3.1.9 In the right pane, Click Sequence Rule

pkhilola_0-1662988392938.png

3.1.10 When the Match/Action box opens, select from the available match conditions to intercept traffic data. For this policy we will be intercepting traffic from a specified source prefix

3.1.11 In the Match [1] conditions, click Source Data Prefix [2] from the selection bar. This specifies the prefixes that we wish to define to match the traffic

pkhilola_1-1662988474462.png

3.1.12 Under Match Conditions [3] Enter the IP Prefix [4] of the incoming traffic, for e.g., in my lab it is 10.1.10.0/24 for Ubuntu host connected to C8200-1N-4T

3.1.13 From the Action [1] conditions heading click Accept [2]

3.1.14 In the AppQoE Optimization [3] subheading enable both TCP Optimization and DRE Optimization [4] 

3.1.15 Click Save Match and Actions [5] at the bottom right of the page

pkhilola_2-1662988602613.png

3.1.16 Define sequence rule for Ubuntu host connected to C8300-2N2S-4T2X

3.1.17 In the right pane, Click Sequence Rule

pkhilola_3-1662988805014.png

3.1.18 When the Match/Action box opens, select from the available match conditions to intercept traffic data. For this policy we will be intercepting traffic from a specified source prefix

3.1.19 In the Match [1] conditions, click Source Data Prefix [2] from the selection bar. This specifies the prefixes that we wish to define to match the traffic

3.1.20 Under Match Conditions [3] Enter the IP Prefix of the incoming traffic 10.1.30.0/25

pkhilola_4-1662988904419.png

3.1.21 From the Action conditions heading click Accept [1]

3.1.22 In the AppQoE Optimization [3] subheading enable both TCP Optimization and DRE Optimization [4] 

3.1.23 Click Save Match and Actions [5] at the bottom right of the page 

pkhilola_5-1662988977390.png

3.1.24 Apply Default Action
Once both policies are created for the two defined source data prefixes, all other incoming traffic must have a default action applied. By default, all traffic is set to be dropped if no match occurs for data packets. We will change the default action to accept all incoming traffic. 

3.1.25 From the left navigation pane, Click Default Action [1] and select the Edit [2] option to the far right. 

pkhilola_6-1662989056592.png

3.1.26 Select the Accept [1] option at the top of the page

3.1.27 Click Save Match and Actions [2] 

3.1.28 Click Save Data Policy at the bottom of the page

pkhilola_7-1662989122558.png

4. Configure Centralized Data Policies

4.1 Apply Policy to Site IDs

Site IDs represent the identification given to a site for which the device is provisioned. Policies must be associated with specified Sites and VPNs in the network. This is done by defining a specific Site ID and VPN to attach the policy to.

4.1.1 From the Cisco vManage menu, navigate to Configuration > Policies

pkhilola_8-1662989211954.png

4.1.2 Select Add Policy

pkhilola_9-1662989249591.png

4.1.3 From the left navigation pane select Site, Click New Site List and enter the following: 

Site List Name: AppQoE-Sites
Within the Add Site field enter the appropriate Site ID for both C8200- 1N-4T and C8300-2N2S-4TX. 

4.1.4 Click Add

pkhilola_10-1662989330612.png

4.1.5 Within the Add Policy page select VPN [1] from the left navigation menu

4.1.6 Select New VPN List [2]

4.1.7 Specify VPN List Name and ID [3]:
Name: AppQoE-VPN
Add VPN: 1 (Service VPN in my lab)

4.1.8 Click Add [4]

pkhilola_11-1662989465465.png

4.1.9 Click Next 

pkhilola_12-1662989497224.png

4.1.10 Within Configure Topology and VPN Membership page, Click Next

pkhilola_13-1662989535428.png

4.1.11 Within the Configure Traffic Rules [1] page, select Traffic Data [2] > Add Policy [3] > Import Existing [4]

pkhilola_14-1662989597327.png

4.1.12 Within the policy drop-down list, select AppQoE-Policy

4.1.13 Select Import 

pkhilola_15-1662989648444.png

4.1.14 Click Next

pkhilola_16-1662989689593.png

4.1.15 Within the page Apply Policies to Sites and VPNs [1] fill in the required policy parameters using the following details [2]:
Policy Name: AppQoE-Policy
Policy Description: AppQoE-Policy

pkhilola_17-1662989747265.png

4.1.16 Select the heading titled Traffic Data [1] to attach the Site List and VPN List previously configured.

4.1.17 Click New Site List and VPN List [2]

4.1.18 Enable the All [3] option to specify the direction for applying the policy 

pkhilola_18-1662989817665.png

4.1.19 From the Select Site List drop-down choose AppQoE-Sites

pkhilola_19-1662989860551.png

4.1.20 From the Select VPN List drop-down, select AppQoE-VPN

pkhilola_20-1662989893537.png

4.1.21 Click Add

4.1.22 Click Save Policy at the bottom of the page 

pkhilola_21-1662989938416.png

Once the policy is saved you will be directed back to the Centralized Policy page where you will be able to see the newly created policy.

4.1.23 Click on Activate the policy to push the policy to the devices. 

pkhilola_0-1663140874093.jpeg

This concludes the configuration of AppQoE TCP and DRE optimization features for Catalyst 8000 Edge platforms. Once the policy is pushed to the device, the incoming traffic matching the configured traffic policy will be sent to TCP & DRE for optimization. 

 

 

 

 

 

 

 


Verification
-
-
-
How to test TCP Optimization and DRE?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: